exploitDog

CVE-2008-0182

Опубликовано: 05 фев. 2008

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability in the Admin portlet in Liferay Portal before 4.4.0 allows remote authenticated users to perform unspecified actions as unspecified other authenticated users via the Shutdown message.

Ссылки

http://secunia.com/advisories/28742
Vendor Advisory
http://support.liferay.com/browse/LEP-4739
http://www.kb.cert.org/vuls/id/767825
US Government Resource
http://secunia.com/advisories/28742
Vendor Advisory
http://support.liferay.com/browse/LEP-4739
http://www.kb.cert.org/vuls/id/767825
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:liferay:liferay_enterprise_portal:*:*:*:*:*:*:*:*

Версия до 4.3.6 (включая)

EPSS

Процентиль: 52%

0.00285

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

CVE-2008-0182

debian

почти 18 лет назад

Cross-site request forgery (CSRF) vulnerability in the Admin portlet i ...

GHSA-fxrw-q665-w573

github

больше 3 лет назад

Cross-site request forgery (CSRF) vulnerability in the Admin portlet in Liferay Portal before 4.4.0 allows remote authenticated users to perform unspecified actions as unspecified other authenticated users via the Shutdown message.

EPSS

Процентиль: 52%

0.00285

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-352